Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 2 3 4 5 6 7 [8] 9 10 11 12 13 14 15 16 17 18 ...Result(s) : 151523

Alerts Feed Alerts

DateNameCategoriesDetail
N/A2019-08-22CVE-2015-9337cve The profile-builder plugin before 2.1.4 for WordPress has no access control for activating or deactivating addons via AJAX.
N/A2019-08-22CVE-2014-10385cve The memphis-documents-library plugin before 3.0 for WordPress has XSS via $_REQUEST.
N/A2019-08-22CVE-2014-10384cve The memphis-documents-library plugin before 3.0 for WordPress has Local File Inclusion.
N/A2019-08-22CVE-2014-10383cve The memphis-documents-library plugin before 3.0 for WordPress has Remote File Inclusion.
N/A2019-08-22CVE-2013-7482cve The reflex-gallery plugin before 1.4.3 for WordPress has XSS.
4.32019-08-22CVE-2008-7321cve The tubepress plugin before 1.6.5 for WordPress has XSS.
N/A2019-08-22CVE-2019-15318cve The yikes-inc-easy-mailchimp-extender plugin before 6.5.3 for WordPress has code injection via the admin input field.
N/A2019-08-22CVE-2019-15317cve The give plugin before 2.4.7 for WordPress has XSS via a donor name.
N/A2019-08-22CVE-2019-15314cve tiki/tiki-upload_file.php in Tiki 18.4 allows remote attackers to upload JavaScript code that is executed upon visiting a tiki/tiki-download_file.php?display&fileId= URI.
N/A2019-08-22CVE-2019-14511cve Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making it exposed to the internet (unless filtered by a firewall or reconfigured to lis...
N/A2019-08-22CVE-2018-20982cve The media-library-assistant plugin before 2.74 for WordPress has XSS via the Media/Assistant or Settings/Media Library assistant admin submenu screens.
N/A2019-08-22CVE-2018-20981cve The ninja-forms plugin before 3.3.9 for WordPress has insufficient restrictions on submission-data retrieval during Export Personal Data requests.
N/A2019-08-22CVE-2018-20980cve The ninja-forms plugin before 3.2.15 for WordPress has parameter tampering.
N/A2019-08-22CVE-2018-20979cve The contact-form-7 plugin before 5.0.4 for WordPress has privilege escalation because of capability_type mishandling in register_post_type.
N/A2019-08-22CVE-2017-18575cve The newstatpress plugin before 1.2.5 for WordPress has multiple stored XSS issues.
N/A2019-08-22CVE-2017-18574cve The ninja-forms plugin before 3.0.31 for WordPress has insufficient HTML escaping in the builder.
N/A2019-08-22CVE-2017-18573cve The simple-login-log plugin before 1.1.2 for WordPress has SQL injection.
N/A2019-08-22CVE-2017-18572cve The gnucommerce plugin before 1.4.2 for WordPress has XSS.
N/A2019-08-22CVE-2017-18571cve The search-everything plugin before 8.1.7 for WordPress has SQL injection related to WordPress 4.7.x, a different vulnerability than CVE-2014-2316.
7.52019-08-22CVE-2017-18570cve The cforms2 plugin before 14.13 for WordPress has SQL injection in the tracking DB GUI via Delete Entries or Download Entries.
Page(s) : 1 2 3 4 5 6 7 [8] 9 10 11 12 13 14 15 16 17 18 ...Result(s) : 151523